> So as I understand it from what people have sent back to me: > The only difference between running in mixed or native mode is that you > can not have any NT 4 BDC's in native mode. Other than that the domain > will behave similar? If that's the case is there any best practices Yes, this is the only difference if we are talking about possibility of using older then Windows 2000 client box. There are other differences such a avilibility of universal user groups, changes in group nesting model. This was detailed described in some earlier post in this thread.
> available for when to use native and when to use mixed? And along this > line is there a security impact from those choices? I don't know such baseline but in all Microsoft publications which I have read and in several documents which describes the process of hardenning Windows 2000 environment was suggested to use native mode as soon as You have only Windows 2000 domain controlers in Your network. Mixed mode is recommended only for the time when You upgrade your domain network. Tomasz Onyszko
